From 1634ae298791e2cbf4a228a5738c911a80af5f53 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Wed, 22 Jul 2020 02:31:37 +0200 Subject: [PATCH] Ruleset Tests: revert 485 and fix it In 485, three tests were commented out because they seemed to break the ruleset tests. At the request of Gary, I've had a look see to try and find the underlying cause. Turned out to be a combination of three things: 1. A new warning having been introduced in PHP 7.4 about using array access on non-arrays. 2. The code in the test case file being incomplete/incorrect - required parameters for function calls were missing. 3. The WPCS `EscapeOutput` not having enough defensive coding for when a faulty function call without parameters would be encountered. Obviously we can't do anything about 1. As for 3, I've opened a PR in WPCS upstream to fix this, but that fix won't be available to VIP until WPCS 3.0.0 has been released and VIPCS upgrades. See: WordPress/WordPress-Coding-Standards 1939 So, in the mean time, let's make sure the function calls in the test case file which aren't intended to trigger the `EscapeOutput` sniff, don't trigger it. And that's what's done in this PR. --- To reproduce my findings / How to investigate this in the future: * Make sure you are set up to use PHP 7.4.x (or whatever other PHP version where the issue was first seen). * Run `phpcs -ps --severity=1 --standard=WordPressVIPMinimum ./WordPressVIPMinimum/ruleset-test.inc` * Take note of the missing errors/warnings. * Scroll to the top of the full report and see the cause: ``` 1 | ERROR | An error occurred during processing; checking has been aborted. The error message was: Trying to access array offset on value of type bool | | in path/to/WordPress/Sniffs/Security/EscapeOutputSniff.php on line 198 (Internal.Exception) ``` --- WordPress-VIP-Go/ruleset-test.inc | 2 +- WordPress-VIP-Go/ruleset-test.php | 2 +- WordPressVIPMinimum/ruleset-test.inc | 4 ++-- WordPressVIPMinimum/ruleset-test.php | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/WordPress-VIP-Go/ruleset-test.inc b/WordPress-VIP-Go/ruleset-test.inc index af1e610c..749f112b 100644 --- a/WordPress-VIP-Go/ruleset-test.inc +++ b/WordPress-VIP-Go/ruleset-test.inc @@ -510,7 +510,7 @@ $query_args = array( // WordPressVIPMinimum.Security.EscapingVoidReturnFunctions.Found esc_js( _deprecated_argument() ); // Error. esc_js( _deprecated_constructor() ); // Error. -// esc_js( _deprecated_file() ); // Error. +esc_js( _deprecated_file( 'filename' ) ); // Error. esc_js( _deprecated_function() ); // Error. esc_js( _deprecated_hook() ); // Error. esc_js( _doing_it_wrong() ); // Error. diff --git a/WordPress-VIP-Go/ruleset-test.php b/WordPress-VIP-Go/ruleset-test.php index 1bf4ec7c..d15f245e 100644 --- a/WordPress-VIP-Go/ruleset-test.php +++ b/WordPress-VIP-Go/ruleset-test.php @@ -98,7 +98,7 @@ 507 => 1, 511 => 1, 512 => 1, - // 513 => 1, + 513 => 1, 514 => 1, 515 => 1, 516 => 1, diff --git a/WordPressVIPMinimum/ruleset-test.inc b/WordPressVIPMinimum/ruleset-test.inc index 78d46ea9..e679d69e 100644 --- a/WordPressVIPMinimum/ruleset-test.inc +++ b/WordPressVIPMinimum/ruleset-test.inc @@ -180,7 +180,7 @@ $output = shell_exec( 'ls -lart' ); // Error. var_dump(); // Warning. var_export(); // Warning. print_r(); // Warning. -// trigger_error(); // Warning. +trigger_error( 'message' ); // Warning. set_error_handler(); // Warning. debug_backtrace(); // Warning. debug_print_backtrace(); // Warning. @@ -508,7 +508,7 @@ $query_args = array( // WordPressVIPMinimum.Security.EscapingVoidReturnFunctions.Found esc_js( _deprecated_argument() ); // Error. esc_js( _deprecated_constructor() ); // Error. -// esc_js( _deprecated_file() ); // Error. +esc_js( _deprecated_file( 'filename' ) ); // Error. esc_js( _deprecated_function() ); // Error. esc_js( _deprecated_hook() ); // Error. esc_js( _doing_it_wrong() ); // Error. diff --git a/WordPressVIPMinimum/ruleset-test.php b/WordPressVIPMinimum/ruleset-test.php index 2e8c7b99..4c9f073e 100644 --- a/WordPressVIPMinimum/ruleset-test.php +++ b/WordPressVIPMinimum/ruleset-test.php @@ -177,7 +177,7 @@ 505 => 1, 509 => 1, 510 => 1, - // 511 => 1, + 511 => 1, 512 => 1, 513 => 1, 514 => 1, @@ -235,7 +235,7 @@ 180 => 1, 181 => 1, 182 => 1, - // 183 => 1, + 183 => 1, 184 => 1, 185 => 1, 186 => 1,